| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
Add a "packet_burst" config option that will cause clatd to read
(and write) in bursts of up to that number of packets, instead of
always only reading one packet at a time. This reduces poll
overhead and improves performance.
The variable is initially set to 10.
Bug: 24113287
Change-Id: I7feba4127538c5a89f92e0ebea1fb75971d6b901
|
|
|
|
|
| |
Bug: 24113287
Change-Id: I3e77f5d5e9fcc47819f2a9fe60cff4aa7f97a8bd
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this change, we can notify network stack to disable checksum
validation for GRO packets as well as other packets which have
checksum validation completed earlier in a driver.
GRO packets have the ip_summed field set to CHECKSUM_PARTIAL while
checksum offloaded packets have the ip_summed field as
CHECKSUM_UNNECESSARY. Kernel copies this ip_summed field to the
status field in the tpacket filter. The information from the status
field is then passed as part of the TUN header to the TUN interface.
Any other packet will have the complete checksum validation done
in the network stack. Note that this only applies to packets which
are captured in packet sockets and passed onto the TUN interface.
Change-Id: I536c0356cbbf30fed7ecda5fdd0d38fa0dfd7bf3
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 7efed4e30259da5348c4a7c2c77a0d0d4b13834d.
This change may bypass checksum validation for all packets even if
they have not been validated earlier.
Hardware supports checksum offload for IPv4 / IPv6 UDP and TCP
packets only. ICMPv4 / ICMPv6 / fragmented packet checksum offload
is not supported and as a result the checksum will not be validated
even once before these packet are delivered to the application.
Change-Id: I28152b63bb432c3dc37fe7a713c3b225a662f678
|
|
|
|
|
|
|
|
|
| |
This is needed to handle cases when the packet socket receives
a GRO coalesced packet which will not have a valid TCP checksum.
TUN_NOCHECKSUM is used only when the checksum has already been
verified prior to this and GRO is being used.
Change-Id: I1409967523152bb7620b4881526e78e8c222cc72
|
|\
| |
| |
| |
| | |
* commit '49454814a0a714189916cb2aea1922bc8784b13b':
Make the raw socket and the tun fd nonblocking.
|
| |
| |
| |
| | |
Change-Id: I29a3d510ba0b766488bbd66d57829d9aaf70d21d
|
|\|
| |
| |
| |
| | |
* commit '9353be2a5f1b4fd00b04e4c826f7f3c3ec6c5d46':
Switch the receive path to memory-mapped I/O with PACKET_RX_RING.
|
| |
| |
| |
| | |
Change-Id: I93231de8f108db782eaa43aceb6cc5281d3739c4
|
|\|
| |
| |
| |
| | |
* commit '290b84274989c82393a72f97f7c009094e74c651':
Move tun functions to a new tun.c.
|
| |
| |
| |
| | |
Change-Id: I4910b6cfca0bbf6bde2d1348f43d3131a1212399
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously the code would use 192.0.0.4 on all clat interfaces.
This works, but it has the problem when a clat interface goes
down, we do not reset TCP connections on its IP address if there
is another clat interface up.
Fix this by assigning every clat interface its own IP address in
192.0.0.0/29.
Bug: 12111730
Change-Id: I28c831acd93b0980efea8e90c1cdf8b607beac68
|
| |
| |
| |
| |
| |
| |
| |
| | |
This works by generating a random IID and then using the
IPV6_JOIN_ANYCAST socket option on the write-only raw socket to
configure an address on the interface.
Change-Id: Ieb885b7c54454988e2e4254a14b4213cba3bd791
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, the IPv6 address gets set in two different codepaths
depending on whether it's being configured on startup or happens
because the interface changed its prefix. Refactor the two into
a common function.
Change-Id: I37035401bef7a57ff40540bd0f2aed0f6863269d
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The only change necessary is to stop calling the clat interface
"clat4" and instead name it based on the upstream interface
(specifically, "v4-<interface>".
Bug: 12111730
Change-Id: I489ebb0e3b1408ace8b64ca09ec20366fefe8d83
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
- Add code to generate a random IPv6 address that's
checksum-neutral with the NAT64 prefix and clat IPv4 address.
- Only calculate the IP address after the NAT64 prefix is known.
- Because the clat IPv6 address is no longer determinisitic,
modify interface_poll so it checks whether the prefix has
changed instead of checking whether the IPv6 address has
changed.
- Add/update unit tests.
Change-Id: Ia53716ca5315ebdd0eaa3ad3a07552bf18e9dd5c
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The main clatd event loop calls poll() in a loop, but reads only
from FDs that have POLLIN set. This causes it to get into an
infinite loop if one of the fds has POLLERR set.
Instead, read from all fds that have reported events. The read
causes the kernel to return the error to userspace and clear the
socket error flag, and poll starts working correctly after that.
Bug: 17183471
Bug: 17186694
Change-Id: Ie25853e0d60c077d2478b3e5154946e201f96dca
|
|
|
|
|
|
| |
(cherry picked from commit 18921713780edb45ceef327d5fcf3387818300f3)
Change-Id: I132f7a4ea1a73073fe22ca5f3d89644f2a302db3
|
|
|
|
|
|
| |
(cherry picked from commit 787ea96922dc3942946fd4ad1e0495d4e06e0c2f)
Change-Id: I4582222c8576353b800cc7d30f16c5dbe5f2e8a9
|
|
|
|
|
|
|
|
|
|
| |
Currently, clatd creates the clat4 interface as root using
root's dac_override abilities. Instead, change the drop_root code
to acquire membership in the AID_VPN group, and use that
membership to create the interface. This removes the need for
dac_override.
Change-Id: I1f824254f52a441f21c5b7963d9993be88cea2db
|
|
|
|
|
|
|
| |
(cherry picked from commit 3e7b1d8f783320d38382089a3c9a790ba13772dc)
Bug: 15340961
Change-Id: Iff172b066aa468f9ee36aab661a8b51cb03db95b
|
|
|
|
|
|
|
|
|
| |
This is required to use clatd on a non-default network.
(cherry picked from commit 10c1adce5e85b429bf45bf7f0208c6c37245fbfb)
Bug: 15340961
Change-Id: I779c83644727227a109bfeec1565364336b5ac2b
|
|
|
|
|
|
|
|
|
|
|
| |
Combined with the previous change to send on a raw socket
instead of a tunnel interface, this allows us to get rid of the
clat interface and remove all the routing configuration code.
(cherry picked from commit d44fac888a441cf21111358f43384f3942399d5d)
Bug: 15340961
Change-Id: I2147dbfc07321bbd64d3fb9762b1120487712133
|
|
|
|
|
|
|
|
|
| |
This will allow us to bind the socket to a particular network.
(cherry picked from commit 10e8827d636a72a7bcdfd52d15bad9342ae2a0a6)
Bug: 15340961
Change-Id: I0b62ef96364a90b9c0a9e3ac3ba97b5c19c89b69
|
|
|
|
|
|
|
|
|
|
| |
This will make it easier to use separate fds for reading and
writing in a future change.
(cherry picked from commit 91d0f1bc6dd24e54ed3caef9b08525b332ab0adf)
Bug: 15340961
Change-Id: I374b85f28ae570dc82d21e1ea82a2f072fd7fba3
|
|
|
|
|
|
| |
(cherry picked from commit fc0f94a75c7a6d16ea9e327092f132a0d2c9175e)
Change-Id: I0366eb3882948d77a8be2d5d32169a13f412ad4e
|
|
|
|
|
|
|
|
|
|
|
| |
When plat prefix detection is done on a non-default network it
must use the network specific version of getaddrinfo() so the
plat prefix corresponds to the particular network. The network
is specified to clatd via a NetID command line argument.
(cherry picked from commit a1c871c8efad6c0b69e27d3b85e82a27e282b8be)
Change-Id: I270c5afc4b445cf20e95fd3e58eada6bc24b16ef
|
|
|
|
| |
Change-Id: Ib61e67f15360c27c3ebf61f870a9482217c52357
|
|
|
|
|
| |
Bug: 11542311
Change-Id: I14a20b9ac669cdb5927f6ac26147bb0109099497
|
|
|
|
|
|
|
|
|
|
|
| |
The entry point to the translation code is currently called
packet_handler and lives in clatd.c. Move it into translate.c
and rename it to translate_packet, since that's what it does.
Also get rid of some redundant includes.
Bug: 11542311
Change-Id: I8529fb87f3a86ee6724fad54787c33a5e86c56ab
|
|
|
|
|
|
|
|
| |
Remove unused variables -- they cause warnings (and errors with
-Werror) when building with clang 3.4.
Change-Id: I03fff9b1b9d620763f41c8b31a19c4724726739c
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Because of the way the tunnel pumps packets into the networking
stack, the netfilter xt_qtaguid module can't track stats
accurately: the totals don't add up.
With "clat" having an ip address, qtaguid will track stats
against it, which then can be deducted from the external iface.
Bug: 11687690
Change-Id: I22ebf26dd9249e821da87665d2bfb0e54d3cdf64
|
|
|
|
| |
Change-Id: I24847fa35644d92bff0fe31ccfc5c4b3e8705779
|
|
|
|
|
|
| |
This fixes a compiler warning.
Change-Id: I14b5d3c871e9b2fdc8400d999e76e494ad510328
|
|
|
|
|
|
|
|
|
| |
When receiving ICMPv6 messages from IPv6-only nodes, use
255.0.0.<ttl> as a fake IPv4 source address. It's better than
nothing.
Bug: 8276725
Change-Id: Iae93f75764cb9cd875af9bb5f1862a0dce2c2fa7
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Add a function that calculates the checksum of all the packet
components starting from the specified position. This
simplifies the code a bit and makes it easier to translate
nested packets like ICMP error messages.
2. Don't hardcode IP source and destination addresses. This is
required to translate ICMP error messages.
Bug: 8276725
Change-Id: I2cae45683ae3943e508608fd0a140180dbc60823
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current code calls all the translation functions one after
another, accumulating the translated packet into local variables
on the stack and calling writev() at the end. This does not allow
calling the translation functions re-entrantly, which is needed,
for example, to translate ICMP errors (which contain the
packet that caused them). Define a clat_packet type to wrap the
array of iovecs and an enum of packet positions.
Also clean up the code a bit: get rid of a fair bit of duplicated
code (though there is still some left), get rid of some redundant
memcpy statements, fix style issues, etc.
Bug: 8276725
Change-Id: Ib58d2348894e82275234fc67dbdb1f82753f204f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, clatd brings the clat4 interface up before assigning
its IPv4 address. This can cause a race condition, because as
soon as the interface comes up, the framework notices and reads
the interface configuration into the LinkProperties. If this
happens before the IPv4 address is configured, then the framework
ends up thinking clat4's IPv4 address is 0.0.0.0/0.
Fix this by configuring the address before the interface is
brought up.
Currently the framework does not use this address for anything,
so this is purely cosmetic, but it could make debugging more
confusing.
Bug: 8276725
Change-Id: I2bfee586a0d70050c53b10cc3f7eb9a98173e11d
|
|
|
|
|
|
|
|
| |
The IPv4 default route is now added by ConnectivityService
because the stacked LinkProperties object contains it.
Bug: 8276725
Change-Id: I6513bfa4df29b8663cefd30ed0bae1a80b63447c
|
|
|
|
|
|
|
|
| |
This is no longer necessary now that the kernel removes it for us
when accept_ra = 2.
Bug: 8276725
Change-Id: If16d9fbc63af2829f1ee4c87031f895f15a3b3d7
|
|
|
|
|
| |
Bug: 8276725
Change-Id: Iedbd34bc94f678afe51429078e6c06ff144e6373
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1. When started from netd, DNS lookups (used to detect the NAT64
prefix) fail because ANDROID_DNS_MODE=local. Unset it.
2. Only add the SIGTERM handler just before starting the event
loop. Otherwise, if clatd hangs before the event loop is
started (e.g., when #1 happens), it can't be stopped.
While I'm at it, add a couple of logging statements.
Change-Id: Ie24b37e34b729ce6cd3769b5d64348f2c1b9627d
|
|/
|
|
| |
Change-Id: I8e7130c1c9b7d6397bc5e705e58667fb7b37b598
|
|
This software provides the nat 4->6 translation needed for the "clat" part of
the 464xlat standard. It is needed for better IPv4 application support while
on an IPv6-only mobile network connection using 464xlat's nat64 (such as
T-Mobile's IPv6 trial).
A general diagram of how 464xlat works:
http://dan.drown.org/android/clat/Clat-Plat.png
Depends-on: I2392f8127dcd90d16b0f20ff31bcc5aa096db464
Change-Id: If2bc6916fc66fd4bca7cc241c83cfae839b82e15
Signed-off-by: Daniel Drown <dan-android@drown.org>
|